First published: Fri May 13 2022(Updated: )
SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier versions accept a user-controlled input that specifies a link to an external site and uses that link in a redirect which leads to Open redirection vulnerability.
Credit: PSIRT@sonicwall.com
Affected Software | Affected Version | How to fix |
---|---|---|
SonicWall SMA 6200 | =12.4.0 | |
SonicWall SMA 6200 | =12.4.1 | |
SonicWall SMA 6200 Firmware | ||
SonicWall SMA 6210 | =12.4.0 | |
SonicWall SMA 6210 | =12.4.1 | |
SonicWall Secure Mobile Access | ||
SonicWall SMA 7200 | =12.4.0 | |
SonicWall SMA 7200 | =12.4.1 | |
SonicWall Secure Mobile Access | ||
SonicWall SMA 7210 Firmware | =12.4.0 | |
SonicWall SMA 7210 Firmware | =12.4.1 | |
SonicWall SMA 7210 Firmware | ||
SonicWall SMA 8000v Firmware | =12.4.0 | |
SonicWall SMA 8000v Firmware | =12.4.1 | |
SonicWall SMA 8000v Firmware |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this SonicWall SMA1000 series firmware vulnerability is CVE-2022-1702.
The title of the SonicWall SMA1000 series firmware vulnerability is 'SonicWall SMA1000 series firmware 12.4.0 12.4.1-02965 and earlier versions accept a user-controlled input that specifies a link to an external site and uses that link in a redirect which leads to Open redirection vulnerability.'
The severity level of the CVE-2022-1702 vulnerability is medium with a severity value of 6.1.
SonicWall SMA1000 series firmware versions 12.4.0, 12.4.1-02965, and earlier are affected by this vulnerability.
To fix the CVE-2022-1702 vulnerability, update your SonicWall SMA1000 series firmware to version 12.4.1-02966 or later.